Question:
Today when I launch an app using kubernetes over aws it exposes a publicly visible LoadBalancer Ingress URL, however to link that to my domain to make the app accessible to the public, I need to manually go into the aws route53 console in a browser on every launch. Can I update the aws route53 Resource Type A to match the latest Kubernetes LoadBalancer Ingress URL from the command line ?
Kubernetes over gcloud shares this challenge of having to either predefine a Static IP which is used in launch config or manually do a browser based domain linkage post launch. On aws I was hoping I could use something similar to this from the command line
|
1 2 |
aws route53domains update-domain-nameservers ??? |
__ OR __ can I predefine an aws kubernetes LoadBalancer Ingress similar to doing a predefined Static IP when over gcloud ?
to show the deployed app’s LoadBalancer Ingress URL issue
|
1 2 |
kubectl describe svc |
… output
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
Name: aaa-deployment-407 Namespace: ruptureofthemundaneplane Labels: app=bbb pod-template-hash=4076262206 Selector: app=bbb,pod-template-hash=4076262206 Type: LoadBalancer IP: 10.0.51.82 LoadBalancer Ingress: a244bodhisattva79c17cf7-61619.us-east-1.elb.amazonaws.com Port: port-1 80/TCP NodePort: port-1 32547/TCP Endpoints: 10.201.0.3:80 Port: port-2 443/TCP NodePort: port-2 31248/TCP Endpoints: 10.201.0.3:443 Session Affinity: None No events. |
UPDATE:
Getting error trying new command line technique (hat tip to @error2007s comment) … issue this
|
1 2 |
aws route53 list-hosted-zones |
… outputs
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
{ "HostedZones": [ { "ResourceRecordSetCount": 6, "CallerReference": "2D58A764-1FAC-DEB4-8AC7-AD37E74B94E6", "Config": { "PrivateZone": false }, "Id": "/hostedzone/Z3II3949ZDMDXV", "Name": "chainsawhaircut.com." } ] } |
Important bit used below : hostedzone Z3II3949ZDMDXV
now I craft following using this Doc (and this Doc as well) as file /change-resource-record-sets.json (NOTE I can successfully change Type A using a similar cli call … however I need to change Type A with an Alias Target of LoadBalancer Ingress URL)
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
{ "Comment": "Update record to reflect new IP address of fresh deploy", "Changes": [{ "Action": "UPSERT", "ResourceRecordSet": { "Name": "chainsawhaircut.com.", "Type": "A", "TTL": 60, "AliasTarget": { "HostedZoneId": "Z3II3949ZDMDXV", "DNSName": "a244bodhisattva79c17cf7-61619.us-east-1.elb.amazonaws.com", "EvaluateTargetHealth": false } } }] } |
on command line I then issue
aws route53 change-resource-record-sets –hosted-zone-id Z3II3949ZDMDXV –change-batch file:///change-resource-record-sets.json
which give this error message
|
1 2 |
An error occurred (InvalidInput) when calling the ChangeResourceRecordSets operation: Invalid request |
Any insights ?
Answer:
Here is the logic needed to update aws route53 Resource Record Type A with value from freshly minted kubernetes LoadBalancer Ingress URL
step 1 – identify your hostedzone Id by issuing
|
1 2 |
aws route53 list-hosted-zones |
… from output here is clip for my domain
|
1 2 |
"Id": "/hostedzone/Z3II3949ZDMDXV", |
… importantly never populate json with hostedzone Z3II3949ZDMDXV its only used as a cli parm … there is a second similarly named token HostedZoneId which is entirely different
step 2 – see current value of your route53 domain record … issue :
|
1 2 |
aws route53 list-resource-record-sets --hosted-zone-id Z3II3949ZDMDXV --query "ResourceRecordSets[?Name == 'scottstensland.com.']" |
… output
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 |
[ { "AliasTarget": { "HostedZoneId": "Z35SXDOTRQ7X7K", "EvaluateTargetHealth": false, "DNSName": "dualstack.asomepriorvalue39e7db-1867261689.us-east-1.elb.amazonaws.com." }, "Type": "A", "Name": "scottstensland.com." }, { "ResourceRecords": [ { "Value": "ns-1238.awsdns-26.org." }, { "Value": "ns-201.awsdns-25.com." }, { "Value": "ns-969.awsdns-57.net." }, { "Value": "ns-1823.awsdns-35.co.uk." } ], "Type": "NS", "Name": "scottstensland.com.", "TTL": 172800 }, { "ResourceRecords": [ { "Value": "ns-1238.awsdns-26.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400" } ], "Type": "SOA", "Name": "scottstensland.com.", "TTL": 900 } ] |
… in above notice value of
|
1 2 |
"HostedZoneId": "Z35SXDOTRQ7X7K", |
which is the second similarly name token Do NOT use wrong Hosted Zone ID
step 3 – put below into your change file aws_route53_type_A.json (for syntax Doc see link mentioned in comment above)
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
{ "Comment": "Update record to reflect new DNSName of fresh deploy", "Changes": [ { "Action": "UPSERT", "ResourceRecordSet": { "AliasTarget": { "HostedZoneId": "Z35SXDOTRQ7X7K", "EvaluateTargetHealth": false, "DNSName": "dualstack.a0b82c81f47d011e6b98a0a28439e7db-1867261689.us-east-1.elb.amazonaws.com." }, "Type": "A", "Name": "scottstensland.com." } } ] } |
To identify value for above field “DNSName” … after the kubernetes app deploy on aws it responds with a LoadBalancer Ingress as shown in output of cli command :
|
1 2 |
kubectl describe svc --namespace=ruptureofthemundaneplane |
… as in
|
1 2 |
LoadBalancer Ingress: a0b82c81f47d011e6b98a0a28439e7db-1867261689.us-east-1.elb.amazonaws.com |
… even though my goal is to execute a command line call I can do this manually by getting into the aws console browser … pull up my domain on route53 …
… In this browser picklist editable text box (circled in green) I noticed the URL gets magically prepended with : dualstack. Previously I was missing that magic string … so json key “DNSName” wants this
|
1 2 |
dualstack.a0b82c81f47d011e6b98a0a28439e7db-1867261689.us-east-1.elb.amazonaws.com. |
finally execute the change request
|
1 2 |
aws route53 change-resource-record-sets --hosted-zone-id Z3II3949ZDMDXV --change-batch file://./aws_route53_type_A.json |
… output
|
1 2 3 4 5 6 7 8 9 |
{ "ChangeInfo": { "Status": "PENDING", "Comment": "Update record to reflect new DNSName of fresh deploy", "SubmittedAt": "2016-07-13T14:53:02.789Z", "Id": "/change/CFUX5R9XKGE1C" } } |
…. now to confirm change is live run this to show record
|
1 2 |
aws route53 list-resource-record-sets --hosted-zone-id Z3II3949ZDMDXV |